Isochronous Event Handling Vulnerability in Linux Kernel by Linux Foundation
CVE-2025-37882

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 May 2025

Summary

In the Linux kernel, a vulnerability has been identified that affects isochronous event handling on xHCI (eXtensible Host Controller Interface) devices. This issue arises from potentially mishandling events when the TRB (Transfer Request Block) pointer is either incorrectly set or NULL during processing. A race condition can develop under certain load conditions or due to modified interrupt moderation, leading to skipped transfer descriptors (TDs) after a Missed Service Error (MSE). This behavior may result in premature completion of TDs, causing data loss or a use-after-free (UAF) condition in the xHC. It is essential to ensure that TDs are only completed on appropriate xrun events and maintain proper warnings if queued TDs do not correlate with the current event's TRB pointer.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 16a7a8e6c47fea5c847beb696c8c21a7a44c1915

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 39a080a2925c81b0f1da0add44722ef2b78e5454

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 906dec15b9b321b546fd31a3c99ffc13724c7af4

References

https://git.kernel.org/stable/c/16a7a8e6c47fea5c847beb696...

https://git.kernel.org/stable/c/39a080a2925c81b0f1da0add4...

https://git.kernel.org/stable/c/906dec15b9b321b546fd31a3c...

Timeline

Vulnerability published
May 9, 2025
Vulnerability Reserved
Apr 16, 2025